pixelsage suggested an idea · Jun 04, 2019 at 10:48 PM · Account Management

Sign in with Apple

PlayFab should make sure to stay on top of this new feature from Apple:

"Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year.

This means that, theoretically, anytime you see an option to sign-in to a service with Facebook or Google, you should also see an option to sign in with your Apple account. Thus, developers will be required to update their apps to integrate “Sign in with Apple.”"

Brandon Phillips commented · Jun 08, 2019 at 08:52 AM

I feel like since this is a "game breaker" for those that use any social login system on iOS, PlayFab might be "forced" to implement it if they want to keep offering any social login on an iOS platform by the time iOS 13 comes out.

2 Show 1

pixelsage · Jun 10, 2019 at 07:55 AM 0

Yeah, possibly. And I know it's been on Playfab's roadmap to get Game Center login working, too. Talk about untimely.

brandon commented · Jun 12, 2019 at 05:59 PM

It was already stated in the OP, but I wanted to include some references for those who are curious. Sign-In with Apple will indeed be required.

Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year.

Reference: https://developer.apple.com/news/?id=06032019j

1 Show 1

pixelsage · Jun 12, 2019 at 07:31 PM 0

Thanks! It definitely helps to have the official source referenced.

Fakhra AlMansouri commented · Jul 10, 2019 at 06:51 PM

I can confirm that Apple will make it mandatory for those apps which required sign in with Facebook or Google.

Brandon Phillips commented · Oct 22, 2019 at 02:19 AM

Unfortunately it is now a requirement, which means it will likely need to be supported by PlayFab. However, it may be possible to use the PlayFab LoginWithOpenIdConnect API as it seems Sign in with Apple uses Open ID. Anyone have any experience with this?

0 Show 2

Brendan ♦♦ · Oct 22, 2019 at 04:34 AM 1

What Apple did was add an OIDC-based auth. We checked, and their JWT was lacking a nonce, which is non-standard, but we updated our OIDC login to allow for that. Unfortunately, we've also found in testing that their known-good configuration file also violates the OIDC spec by having a mismatch between the issuer and the URL. We're investigating to see if we can work around that (our OIDC library follows the standard, which is why it's tricky).

Brandon Phillips Brendan ♦♦ · Oct 23, 2019 at 02:38 AM 0

@Brendan Thanks for the info. We got our Title to successfully link to "Sign in with Apple" using CreateOpenIdConnection, but unfortunately the actual sign-in doesn't work in-client, and the error returned is

Signature validation failed. Unable to match keys:

Brandon Phillips commented · Nov 14, 2019 at 08:35 PM

We've finally gotten it working with PlayFab's LoginWithOpenIdConnect API! The Connection ID and Client ID need to both be the Client ID used in Apple's service setup, and the Client Secret can be generated with a variety of languages (ruby and python are easiest)

0 Show 1

Jeff Posey · Dec 30, 2019 at 05:57 PM 0

From Citrus Yan on the other thread:

"And, you can make a feature request about LoginWithOpenIdConnect API taking in an endpoint instead of a ConnectionID."

It sounds like this wasn't necessary? Was there anything changed by PlayFab in the process of getting it working?

What about Linking an Apple account? We would want to support this as well, when they chose "Continue as Guest" at first.

I'm trying to figure out how much time this is going to take, and if instead I need to not have any other login methods like Facebook (until PlayFab supports Sign in with Apple and LinkAppleAccount). But I believe if I only sign in with DeviceID, that would mean there would be no way to share the same PlayFab account between your iPhone and your iPad.

Hayrettin Yucel commented · Dec 17, 2019 at 02:43 PM

This feature request marked as completed. What does that mean?

0 Show 1

Brandon Phillips · Dec 18, 2019 at 02:12 AM 0

It's available now using OpenIDConnect (see my comment above yours)

Dyon Ng commented · Dec 18, 2019 at 03:41 PM

I'm having issues getting this to work. When I make a LoginWithOpenIdConnect request, I get an error from PlayFab:

{"code":403,"status":"Forbidden","error":"NotAuthorized","errorCode":1089,"errorMessage":"Value cannot be null.\r\nParameter name: key"}

My login request looks like:

POST https://{{TitleID}}.playfabapi.com/Client/LoginWithOpenIdConnect
    Content-Type: application/json
{
  "ConnectionId": "com.company.clientid", // sign-in-with-apple service id
  "IdToken": "eyJraWQiOiJ...", // jwt id_token from apple
  "CreateAccount": true
}

My OpenId Connection in Title Settings:

ConnectionId: "com.company.clientId", // sign-in-with-apple service id
ClientId: "com.company.clientId", // same as above
ClientSecret: "eyJhbGciO..." // generated with p8 file, clientId, teamId, keyId
Issuer: "https://appleid.apple.com/auth/keys" // shows up blank now

Is there a guide or something that we can follow that might help with this?

Also, your "TRY IT" button on that API page is, sadly, broken:

Uncaught TypeError:
PlayFab.ClientApi[method] is not a function
    at Object.makeClientAPICall (tools.js?t=20190314:176)
    at HTMLButtonElement.<anonymous> (tools.js?t=20190314:71)
    at HTMLButtonElement.dispatch (lib.js?t=20190314:2)
    at HTMLButtonElement.q.handle (lib.js?t=20190314:2)

0 Show 1

MarcoWilliamsPF ♦ · Jan 02, 2020 at 06:59 PM 0

There is a guide that is in-progress for this. I don't have an exact ETA release date on the documentation. But the document is complete and it just needs to be added to the docs.microsoft.com/gaming/playfab documentation portal. I suspect that it should be available sometime between now and the end of next week.

MarcoWilliamsPF commented · Jan 02, 2020 at 07:17 PM

Per my last comment, I stand corrected. The document is already up. @Dyon Ng

https://docs.microsoft.com/en-us/gaming/playfab/features/authentication/platform-specific-authentication/apple-open-id

0 Show 4

Dyon Ng · Jan 02, 2020 at 09:40 PM 0

Ah, this wasn't there when I last checked for a guide. I'll give this a shot, thanks a bunch.

Don Glover Dyon Ng · Jan 07, 2020 at 05:45 PM 0

Dyon, did the document give you the information that you needed?

Dyon Ng Don Glover · Jan 08, 2020 at 02:51 PM 0

Mostly good until creating an OpenID Connection in Title Settings. Using Issuer: https://appleid.apple.com caused an error upon saving. Instead, we used the Admin REST API, CreateOpenIdConnection, with:

{
    ConnectionId: "com.company.product",
    ClientId: "com.company.product",
    ClientSecret: "clientSecret",
    IssueDiscoveryUrl: "https://appleid.apple.com/.well-known/openid-configuration",
    IssuerInformation: {
        Issuer: "https://appleid.apple.com",
        AuthorizationUrl: "https://appleid.apple.com/auth/authorize",
        TokenUrl: "https://appleid.apple.com/auth/token",
        JsonWebKeySet: {
            "keys": [{
                "kty": "RSA",
                "kid": "AIDOPK1",
                "use": "sig",
                "alg": "RS256",
                "n": "lxrwmuYSAsTfn-lUu4goZSXBD9ackM9OJuwUVQHmbZo6GW4Fu_auUdN5zI7Y1dEDfgt7m7QXWbHuMD01HLnD4eRtY-RNwCWdjNfEaY_esUPY3OVMrNDI15Ns13xspWS3q-13kdGv9jHI28P87RvMpjz_JCpQ5IM44oSyRnYtVJO-320SB8E2Bw92pmrenbp67KRUzTEVfGU4-obP5RZ09OxvCr1io4KJvEOjDJuuoClF66AT72WymtoMdwzUmhINjR0XSqK6H0MdWsjw7ysyd_JhmqX5CAaT9Pgi0J8lU_pcl215oANqjy7Ob-VMhug9eGyxAWVfu_1u6QJKePlE-w",
                "e": "AQAB"
            }]
        }
    }
}

Show more comments

edwarddennekamp commented · Mar 10, 2020 at 02:36 PM

Has anyone actually managed to get Apple Sign in to work with Unity and PlayFab, and if so what are the steps, the documentation linked here is very weak, it doesn't even mention OpenId at all.

0 Show 2

Dyon Ng · Mar 10, 2020 at 07:08 PM 0

The documentation is updated for the NEW Apple Add-on. It no longer requires setting up OpenID. However, with Unity, I'm not sure if there's a Sign in with Apple plugin yet. You may have to setup your own native method of retrieving Apple's JWT Identity Token within XCode.

andymaddison · Mar 19, 2020 at 04:54 PM 1

See https://blogs.unity3d.com/2019/09/19/support-for-apple-sign-in/. Support for it is practically non-existent.

I've managed to get a couple of Unity apps through Apple submission.

Dyon Ng commented · Mar 10, 2020 at 09:20 PM

The new Apple Add-on is great and simple to use. However, it only works with AppStore listings whereas the old OpenID connection method could let any platform (Web, Windows, etc) use Sign in with Apple for authentication. Any plans on having both options, Apple Add-on and OpenId, available in the future?

Sign in with Apple

10 comments

Navigation

Spaces

Your Opinion Counts

Follow This Idea

Related Ideas